package com.zhiche.lisa.mdm.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
 * 单点登陆权限配置文件
 * @auther lsj
 * @create 2018-06-13
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
//    @Autowired
//    private OAuth2ClientProperties oAuth2ClientProperties;
//
//    @Bean
//    @ConfigurationProperties("security.oauth2.resource")
//    public ResourceServerProperties resourceServerProperties() {
//        return new ResourceServerProperties();
//    }
//
//    @Bean
//    @ConfigurationProperties("security.oauth2.authorization")
//    public AuthorizationServerProperties authorizationServerProperties() {
//        return new AuthorizationServerProperties();
//    }
//
//    @Bean
//    public ResourceServerTokenServices tokenServices() {
//        RemoteTokenServices remoteTokenServices = new RemoteTokenServices();
//        remoteTokenServices.setCheckTokenEndpointUrl(authorizationServerProperties().getCheckTokenAccess());
//        remoteTokenServices.setClientId(oAuth2ClientProperties.getClientId());
//        remoteTokenServices.setClientSecret(oAuth2ClientProperties.getClientSecret());
//        remoteTokenServices.setAccessTokenConverter(jwtAccessTokenConverter());
//        return remoteTokenServices;
//    }
//
//    @Bean
//    public JwtAccessTokenConverter jwtAccessTokenConverter() {
//        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
//        converter.setSigningKey(resourceServerProperties().getJwt().getKeyUri());
//        return converter;
//    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
                .and()
                .anonymous()
                .and()
                .authorizeRequests()
                .antMatchers("/swagger-resources/**",
                        "/swagger-ui.html",
                        "/webjars/**",
                        "/*.html",
                        "/v2/api-docs",
                        "/",
                        "/*.html",
                        "favicon.ico",
                        "/**/*.html",
                        "/druid/**",
                        "/inner/**").permitAll()
                .antMatchers(HttpMethod.OPTIONS).permitAll()
                .anyRequest().authenticated();
    }
}
